package com.stx.test.serialize.test;

import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.Serializable;

/**
 * packageName com.stx.test.serialize.test
 *
 * @author YangYi
 * @className ErrorFile
 * @date 2025/10/11
 * @description Demonstration class: a Serializable type whose private readObject hook runs a command when an instance is deserialized
 */
public class ErrorFile implements Serializable {
    /**
     * Deserialization hook that {@link ObjectInputStream} invokes reflectively when an
     * instance of this class is read from a stream. It is a deliberate demonstration
     * payload: a private readObject method runs automatically during deserialization, so
     * whatever is placed here executes the moment an untrusted stream containing an
     * {@code ErrorFile} is deserialized. Never deserialize untrusted data with native Java
     * serialization; where it cannot be avoided, install an {@code ObjectInputFilter}
     * that rejects classes such as this one.
     *
     * @param ois the stream this instance is being read from
     * @throws ClassNotFoundException propagated from {@link ObjectInputStream#defaultReadObject()}
     * @throws IOException propagated from the default read or from spawning the process
     */
    private void readObject(ObjectInputStream ois) throws ClassNotFoundException, IOException {
        // Restore the non-transient fields first (none are declared here), exactly as a
        // legitimate custom readObject would.
        ois.defaultReadObject();
        // The payload: spawn an external process purely to prove that code ran. On a
        // host without calc.exe this surfaces as an IOException from exec().
        Runtime runtime = Runtime.getRuntime();
        runtime.exec("calc.exe");
    }
}
